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DETAILED OFFICE ACTION 

Specification Objections 

1 . Specification of page 1 , first para, line 2, is objected to because, it lacks the serial 
number of applications, that were incorporated by reference. 

Claim Objections 


2. Claims 1-12, 15 and 16 are objected to because of the following informalities: 

Claim 1, 13, 14, and 18 use the terms VPN and NAT; VPN should be 
replaced as Virtual Private Network (VPN) and NAT should be replaced as 
Network Address Translation. 

Claim 1 , line 2, insert indefinite article, 'a' in front of phrase, "different 
addressing schemes". All dependant claims on claim 1 (Clams 2-12, 15 and 16) 
are also objected. 

Claim 5 is further objected because, on line 1 , insert "one or more" in front 
of, "physical or logical interface ports"; in line 2, insert "one of in front of 
"physical or logical interface ports". 


I 
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Claim 1 1 is further objected because, line 1, states, "The VPN gateway of 
claim 1 , the communication session", there is no communication session in claim 
1, however, there is a communication session in claim 10. Therefore, it is 
assumed that claim 1 1 is dependant upon claim 10. 

Claim 12 is further objected because, lines 1-2 states, "... claim 5 
arranged ... communication session.", however, there is no communication 
session in claim 5, but, there is a communication session in claim 10. Therefore, 
it is assumed claim 12 is dependant upon claim 10. 

Claim 16 further objected because, lines 1 needs a change "for" in front of 
"a network" to "in"; 

Appropriate corrections are required. 

Claim Rejections - 35 USC §112 

3. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 
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4. Claim 1 1 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention, because it violates single sentence rule by not ending the 
claim with a period. 

Claim Rejections - 35 USC § 101 

5. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claims 13, 14 and 17 are rejected under 35 U.S.C. 101 as setout below. 

Claims 13 and 14 are rejected under 35 U.S.C. 101 because they are statutory 
process (i.e. method) claims implementing judicial exception of abstract idea (like 
passing information, converting, receiving addresses, translating the addresses) without 
tangible result. Claim 17 is also rejected, because it is dependant upon rejected claim 
13. 

Claim 17, "Software for carrying out the method of claim 13", is rejected under 35 
U.S.C. 101 because claim 17 is implementing a method in software which does not 
belong to any statutory class of machine, process, composition of matter or article of 
manufacture. 
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Claim Rejections - 35 USC § 102 

6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

7. Claims 1-19 are rejected under 35 U.S.C. 102(b) as being anticipated by 
SonicWALL Administration guide (2002). 

For claims 1, 13, 17 and 18: 

A VPN gateway, method, software, and signals (See Fig. on page 117, 
the item with label SOH03 in One-Arm WAN port connected) for interfacing two 
or more VPNs (see page 96, section, "Currently Active VPN Tunnels ", which 
implies there are more than one VPN; further in the section description, "The 
table lists the name of the VPN Policy, the local LAN IP addresses, and the 
remote destination network IP addresses as well as Peer Gateway IP address.", 
line 1-3.) to one or more external networks (see page 96, section, "Currently 
Active VPN Tunnels", lines 1-3, "the remote destination network IP addresses 
as well as Peer Gateway IP address. ", therefore there is at least one external 
network), the external network or networks having different addressing schemes 
to those of the VPNs (see page 117, Figure, different addressing schemes, 
VPN's having class C addressing scheme (bottom cylinder, "Ethernet 
1 92, 168. 1.0/24") and external network is having class A addressing scheme 
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(10.0.79.103, etc. ), the VPN gateway having a NAT (see page 65, Section 
Network>One-to-One NAT) shared by the VPNs for converting VPN addresses 
of entities within the VPNs to addresses (see page 117, Section, "VPN Single- 
Armed Mode (stand-alone VPN gateway)", second para, first line, "An Example 
of deployment is to place the SonicWALL between the existing firewall and the 
router connected to the Internet.", in conjunction with the Figure, bottom cylinder, 
having network netid: 192.168.1.0; which implies 192.168.1.0/24 addresses are 
VPN local address) of the external network (see page 66, section, "One-to-One 
NAT Configuration Example", last para, Requests for http://208.1.2.4 are 
answered by the server at 192.168.1.10, Request for http://208.1.2.5 are 
answered by the server at 192.168.1.1 1 , and requests for http://208.1 .2.6 are 
answered by 192.168.1.12.", here the VPN entity addresses 192.168.1.10-12 are 
mapped to/or of the external network 208.1.2.4-6.). 

For claim 2: 

The VPN gateway of claim 1 (for claim 1 discussion see supra), the NAT 
comprising a source (see page 67, last Para, Assume 208.1 .2.4-6, in public 
Range is source NAT) and destination NAT (see page 67, last Para, assume 
192.168.1.10-12 in the private range is destination NAT), arranged such that 
entities in the external networks (entities in the external network 208.1.2.4-6) 
appear to one of the VPNs to have an address within an address range of the 
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respective VPN (VPN address (192.168.1.0/24) range, 192.168.1.10-12). 
For claim 3: 

The VPN gateway of claim 2 (for claim 2 discussion see supra), the 
entities in the external networks comprising at least one of: a call server, a SIP 
proxy, a web server (see page 120, Figure, Remote LAN 2, containing 2 VPN 
users external to VPN LAN, on Remote DMZ, WEB Server or on Corporate DMZ, 
Web Server), a storage server see page 120, Figure DHCP over a VPN Tunnel, 
external network corporate DMZ, FTP server; which is a file server, nothing but 
storage server), a video server, a mail server (see page 120, Figure DHCP over 
a VPN Tunnel, external network corporate DMZ, Mail server), an H.323 gateway, 
a telephony client, or a telephony media gateway. 

For claim 4: 

The VPN gateway of claim 1 (see supra for claim 1 discussion), the 
external network address used for each VPN entity being unique (page 1 17, 
Figure, see the unique addresses of SOH03 in One-Arm WAN port connected, 
address of, 10.0.79.102 which is external network address to VPN addresses) in 
the corresponding external network. 


For claim 5: 
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The VPN gateway of claim 1 (see supra for claim 1 discussion) having 
physical or logical interface ports (see page 117, section "VPN Single-Armed 
Mode", first para, "VPN Single-Armed Mode allows you to deploy a SonicWALL 
with single port (WAN) utilized as a VPN tunnel termination point", i.e. physical 
WAN port), and being arranged to determine an identity of each of the VPNs 
based on which physical or logical interface port on the VPN gateway is used to 
couple the respective VPN (each sonicWALL WAN IP address is used to couple 
the VPN's, see description in section, "VPN Single-Armed Mode (stand-alone 
VPN gateway)", first para, last line, "Clear text traffic is routed to the single 
interface , and the data is encapsulated to the appropriate IPSec gateway.", to be 
able to send/receive (for establishment of VPN tunnel) the encapsulated data, 
source/destination IP address has to be used.). 

For claim 6: 

The VPN gateway of claim 1 (see supra for claim 1 discussion), the VPN's 
each comprising a part of an Internet Protocol (IP) network (see page 117, 
Figure, the WAN port used address (10.0.79.102, under the label "SHOHO 3 in 
One-Arm WAN port connected") clearly indicates that the VPN gateway is used 
as part of IP network). 

For claim 7: 
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The VPN gateway of claim 6 (see supra for claim 6 discussion) where the 
multiple VPNs use overlapping private IP addressing schemes (See Page 1 17, 
Figure, VPN Ian netid of 192.168.1.0, for bottom cylinder labeled as 
192.168.1.0/24 (whose netid is 192.168.1.0) and netid of 192.168.2.0, see Figure 
top cylinder network label, 192.168.2.0/24 (whose network id will be: 
192.168.2.0) are overlapping considering overall netid of 192.168.252.0, which is 
the aggregation of 192.168.1.0 and 192.168.2.0). 

For claim 8: 

The VPN gateway of claim 6 (See supra for claim 6 discussion), being 
arranged to provide protocol conversion (see page 110, last para, section, 
"Require authentication of remote users", the use of XAUTH as authentication 
requires protocol conversion from user XAUTH to IP and back to XAUTH). 

For claim 9: 

The VPN gateway of claim 1 (see supra for claim 1 discussion), the VPNs 
being arranged to use at least one of ATM, Frame Relay, MPLS or IP (see Page 
117, Figure, from the gateway WAN IP address used is 10.0.79.102 and VPN 
network address used 192.168.1.0/24, shown under the label, "SOH03 in One- 
Arm WAN port connected", which is a IP). 


For claim 10: 
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The VPN gateway of claim 1 (see supra for claim 1 discussion) arranged 
to couple communication sessions having one end in one of the VPNs (see page 
124, Figure L2TP Server Settings, one end is VPN gate way) and another end in 
the external network, the sessions being controlled by a server (see page 124, 
Figure L2TP Server Settings, WINS server 10.0.0.32, which is an external use 
local LT2P IP Pool: Start IP 192.168.168.100-192.168.168.125). 

For claim 1 1 : 

The VPN gateway of claim 10 (see supra for claim 10 discussion), the 
communication sessions being one of data sessions (see page 124, Figure L2TP 
Server Settings and L2TP is a data session), telephony calls, or video calls 

For claims 12: 

The VPN gateway of claim 10 (see supra for claim 10 discussion), 
arranged to communicate to the external network entities the VPN identity 
associated (see page 125, section "Currently Active L2TP Sessions, Interface 
subsection, "the enter of interface used to access the L2TP Server, whether it's a 
VPN client or another SonicWALL [This implies SonicWALL port IP address, 
which is unique is used for the communication session] appliance") with a given 
communication session. 


For claim 14: 
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A method of using a NAT (see page 65, Section Network>One-to-One 
NAT, in conjunction with page 67, first TIP!, "You can configure the IP addresses 
individually,...", therefore, the NAT VPN side addresses can be configured to 
share the addresses in different VPN's) shared by two or more VPNs (see page 
96, section, "Currently Active VPN Tunnels ", which implies there are more than 
one VPN; further in the section description, 'The table lists the name of the VPN 
Policy, the local LAN IP addresses, and the remote destination network IP 
addresses as well as Peer Gateway IP address.", line 1-3.) to communicate 
between one of the VPNs and an entity of an external network or networks (see 
page 96, section, "Currently Active VPN Tunnels", lines 1-3, "the remote 
destination network IP addresses as well as Peer Gateway IP address. ", 
therefore there is at least one external network) having different addressing 
schemes to those of the respective VPN (see page 117, Figure, different 
addressing schemes, VPN's having class C addressing scheme (192.168.1.0) 
and external network is having class A addressing scheme (10.0.79.103, etc.), 
comprising the steps of receiving addresses and translating the addresses such 
that entities in the external networks (see page 67, last Para, external network 
entity, 208.1 .2.2-4) appear to the respective VPN to have an address within an 
address range of the respective VPN (see page 67, last Para, it appears to be 
VPN entities 192.168.1.10-12 are translated to: 208.1.2.2 to 192.168.1.10, 
208.1 .2.3 to 192.168.1 .1 1 and 208.1 .2.3 to 192.168.1 .12). 
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For claim 15: 

A method of offering a virtual packet network service (The gateway is 
providing http service packets to be able to show various settings, for example 
as shown in page 29, figure, address bar having an address of: 
http://192.168.168.17/main.html) using the gateway of claim 1 (see supra for 
claim 1 discussion). 

For claim 16: 

A node for [in] a network, the node having a VPN gateway (see page 117, 
under label SOH03 in One-Arm Wan port connected, is a node in the network 
shown in the figure) as set out in claim 1 (see supra for claim 1 discussion). 

For claim 19: 

The sequence of signals of claim 18, further comprising a signal from the 
VPN gateway to the entity in the external network containing an identity of the 
respective VPN (see page 117, Figure, for there to be an VPN tunnel, gateway IP 
encapsulated in an IP packet which is a signal must be sent from gateway to 
external network router(s) to 10.0.79.101 Head end gate way, in conjunction with 
section, "VPN Single-Armed Mode (stand-alone VPN gateway)", first Para, VPN 
Sigle-Armed Mode allows you to deploy a SonicWALL with single port (WAN) 


« 
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utilized as a VPN tunnel termination point. Clear text traffic is routed to the single 
interface and the data is encapsulated to the appropriate IPSec gateway."). 

CONCLUSION 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Hari Kunamneni whose telephone number is (571)274- 
1592. The examiner can normally be reached on Monday thru Friday 7:30-5:00 PM alt. 
fridays off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, FRANTZ JULES can be reached on (571 )272-6681 . The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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